Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community
SOLVED

Identifying stale guest users - 'lastSignInDateTime' not reliable?

Copper Contributor

So, I listed all of our tenant guest users 'lastSignInDateTime' attribute from MS Graph.

Most have up to date values here, but some got no info here (I guess its because they were never logged on), and some got the value '01.01.0001 00:00:00' ...which I guess also means they were never logged on?

 

But I have one confirmed active user with the '01.01.0001 00:00:00' value. Which makes me doubt if i can use these dates to delete inactive guest users? (This user is participating in team discussions, but his AAD sign-in log is also empty).

2 Replies
best response confirmed by Gonwild (Copper Contributor)
Solution

 

@Gonwild 

 

If Teams is all they're signing into and are doing so via the app, they're probably not triggering in "interactive login".

 

 

PS: Your assumption is correct about the early date, as that is the minimum value of a [DateTime] structure. The minimum value does typically indicate inactivity in attributes that cannot be null.

 

LainRobertson_3-1654266867452.png

 

Cheers,

Lain

 

aha, I did not know this. Yes, in this case the user was signing into the app. Guess one have to take non-interactive logins in account when ruling out stale users. thanks!
1 best response

Accepted Solutions
best response confirmed by Gonwild (Copper Contributor)
Solution

 

@Gonwild 

 

If Teams is all they're signing into and are doing so via the app, they're probably not triggering in "interactive login".

 

 

PS: Your assumption is correct about the early date, as that is the minimum value of a [DateTime] structure. The minimum value does typically indicate inactivity in attributes that cannot be null.

 

LainRobertson_3-1654266867452.png

 

Cheers,

Lain

 

View solution in original post